Vulnerability Database

289,871

Total vulnerabilities in the database

CVE-2011-2643

Directory traversal vulnerability in sql.php in phpMyAdmin 3.4.x before 3.4.3.2, when configuration storage is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in a MIME-type transformation parameter.

  • Published: Aug 1, 2011
  • Updated: Apr 13, 2023
  • CVE: CVE-2011-2643
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.8
  • AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

OWASP TOP 10:

Software From Fixed in
phpmyadmin / phpmyadmin 3.4.0.0 3.4.0.0.x
phpmyadmin / phpmyadmin 3.4.3.1 3.4.3.1.x
phpmyadmin / phpmyadmin 3.4.1.0 3.4.1.0.x
phpmyadmin / phpmyadmin 3.4.2.0 3.4.2.0.x
phpmyadmin / phpmyadmin 3.4.3.0 3.4.3.0.x